EUVD-2024-17111

Malicious code in bioql PyPI...

CVE-2024-1354 Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the syslog-ng configuration file. Exploitation of this vulnerability required access to the GitHub...

Design/Logic Flaw

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...

Securonix SNYPR 注入漏洞

Securonix SNYPR is an open, modular, next-generation security intelligence platform from Securonix, Inc. that combines log management, security information and events. A security vulnerability exists in Securonix SNYPR version 6.4, which stems from the syslog-ng configuration wizard that allows a...